The Bybit hack was executed by Lazarus, a North Korea-linked cybercrime group. The FBI labeled the incident as the “TraderTraitor” operation. The stolen amount surpassed all North Korea-related cyber thefts in 2024. 

Lazarus’s “Flood the Zone” Tactic Exposed 

After the attack, Lazarus rapidly laundered the stolen funds through multidirectional, high-frequency transactions. This method, called “flood the zone” by TRM Labs, aims to overwhelm exchange compliance teams and blockchain analytics firms. 

TRM Labs stated, “This tactic involves intense, simultaneous transfers designed to drown regulators and analysts. The Bybit hack clearly showed an increased use of this method.” This reveals significant security gaps in the digital asset ecosystem. 

Meanwhile, Chainalysis experts traced suspicious wallets linked to a local crypto exchange in Greece. As a result, the assets held by the exchange were frozen. This step underlines the critical role of international cooperation in fighting crypto crimes. 

A New Chapter in Global Crypto Regulation 

Greek Finance Minister Kyriakos Pierrakakis commented on the case: “Thanks to blockchain’s traceability, international cooperation can stop financial crimes.” 

This operation may inspire similar actions in countries like South Korea and the U.S. Centralized exchanges such as Bybit must strengthen security after such attacks. The rise in investments across DeFi and CeFi platforms makes this increasingly important. According to DeFiLlama, the total value locked (TVL) reached $121 billion in July 2025. 

This development highlights cybersecurity as a top priority in crypto markets. Moreover, blockchain’s transparency enables more effective combat against cybercrime. 

You can also freely share your thoughts and comments about the topic in the comment section. Additionally, don’t forget to follow us on our Telegram, YouTube, and Twitter channels for the latest news and updates.

The post Bybit Hack Aftermath: Greece Freezes Crypto Assets! appeared first on Coin Engineer.

Malware Hidden in “Coding Assignments”

Hackers from the group Slow Pisces (aka Jade Sleet / TraderTraitor) approach developers on LinkedIn, offering dream gigs in DeFi or blockchain security. Once trust is built, they send malware-infected coding challenges hosted on GitHub. When opened, these files steal SSH keys, cloud access credentials, and crypto wallet data.

You Might Be Interested In: Elon Musk Talks About the Name of a New Memecoin!

Using Freelance Platforms to Spread

According to Hacken and Cyvers, platforms like Upwork and Fiverr are also being used by attackers posing as hiring managers.

“They create credible profiles and fake resumes just to infiltrate Web3 firms via targeted developers,” says Hayato Shigekawa of Chainalysis.

Security Tips for Devs

• Always use virtual machines or sandboxes to test external code
• Verify job offers via official channels
• Never store secrets in plain text
• Be wary of unverified packages and unsolicited opportunities
• Implement endpoint protection and operational hygiene

“If it looks too good to be true, it probably is,” warns Luis Lubeck of Hacken.

You can also freely share your thoughts and comments about the topic in the comment section. Additionally, don’t forget to follow us on our Telegram, YouTube, and Twitter channels for the latest news and updates.

The post North Korean Hackers Target Crypto Devs with Fake Job Offers appeared first on Coin Engineer.

FBI and Bybit Hack Investigation

The FBI has confirmed that North Korea was behind the $1.4 billion Bybit hack on October 21. In a public service announcement on February 26, the agency referred to the attack as “TraderTraitor.”

You Might Be Interested In: Elon Musk Talks About the Name of a New Memecoin!

According to the FBI, TraderTraitor is also known as Lazarus Group, APT38, BlueNoroff, and Stardust Chollima. The agency stated that the group had rapidly converted some of the stolen assets into Bitcoin and other cryptocurrencies.

Bybit Hack and Money Laundering Process

The FBI revealed that over 135,000 Ethereum (ETH) have already been laundered, with the attackers using decentralized exchanges, cross-chain bridges, and instant swap services with no KYC protocols to move the stolen assets.

Additionally, 363,900 ETH (~$825 million) remain untouched. The FBI has shared 51 Ethereum addresses linked to the hackers and urged industry players to block or avoid interactions with these addresses.

Blockchain analytics firm Elliptic has already flagged 11,084 crypto wallet addresses linked to the Bybit exploit. The FBI has called on anyone with relevant information to report it to the Internet Crime Complaint Center.

You can also freely share your thoughts and comments about the topic in the comment section. Additionally, don’t forget to follow us on our Telegram, YouTube, and Twitter channels for the latest news and updates.

The post FBI Calls for Blocking Transactions Linked to Bybit Hack appeared first on Coin Engineer.